Blog & References
How to Manage AI Risk in Your Ontario Medical Practice

Practice operations·

How to Manage AI Risk in Your Ontario Medical Practice

Learn how to manage AI risk in your Ontario medical practice with a practical governance playbook covering shadow AI, PHIPA compliance, and vendor due diligence.

How to Manage AI Risk in Your Ontario Medical Practice

A governance playbook for owner-operators who can't afford a PHIPA breach or a hallucinated chart note.

For related context, see Your Path To Practicing In Ontario Starts Here Immigration Mindset Amp Initial Strategy. Most conversations about AI in medicine start with vendor selection, which scribe is fastest, which tool saves the most admin time. That framing skips past the harder question: who in your clinic is already using AI, on what accounts, and with whose data?

We work with Ontario practices across the province, and the pattern we see again and again is that AI governance isn't an IT problem waiting for an IT budget. It's a practice oversight problem, the same category as billing leakage, unsigned forms, and schedule inefficiencies. If you can't see it, you can't manage it.


Q: What exactly is "shadow AI," and why is it the most dangerous AI risk in a small Ontario clinic?

The term shadow AI describes what happens when staff, or the owner themselves, use personal ChatGPT, Gemini, Otter.ai, or similar accounts to handle work that touches patient or business data. No IT approval, no privacy review, no vendor agreement. Just a browser tab and a billing question that turns into a patient letter that turns into a full conversation about a specific case.

The IPC has explicitly flagged this pattern: shadow AI is being used "contrary to institutional acceptable-use policies," and health information custodians are expected to be prepared to address it.6

Here's the part that surprises most owners we talk to: the biggest offenders are often at the top of the org chart.

Physicians and owners are overwhelmingly guilty of emailing and messaging patients without informed consent, using AI scribes for notes without checking how the models are weighted, and many use Claude or GPT for seemingly helpful and isolated tasks, until one day they're asking for business advice, drafting patient letters, and having what amounts to a mentoring conversation with an LLM that now holds context about their practice, their patients, and their financials.

The rationalization is usually "it's fine, I pay the $20 a month" or "I never used the patient's name." But AI can make solid predictions and guide decisions in ways users don't anticipate. Paying for a consumer subscription does not create a data processing agreement. It does not satisfy PHIPA. And if you're the leader taking those liberties without educating your team, you are the governance gap.

This connects directly to the revenue oversight work we do at Physicians First. Just as billing leakage hides in claims that were never submitted or denied without follow-up, AI risk hides in ungoverned staff behaviour. The parallel is exact: you can't manage what you can't see. If you've ever looked at the revenue leakage you can't see in your claims, you already understand the mechanics, invisible drift, compounding quietly until something surfaces.


Q: What do Ontario regulators actually expect from a private clinic in 2025 and 2026?

More than most owners realize, and the expectations are tightening.

The OMA's AI resource centre and its 2026 primer for Ontario physicians both reinforce that physicians remain responsible for every clinical decision, regardless of whether AI generated the underlying output.12 The OMA has noted a significant AI literacy gap across Canada and has pointed to OntarioMD's no-cost support as a resource, but "support is available" is not the same as "your practice is covered."3

Ontario's Responsible Use of Artificial Intelligence Directive, which came into effect December 2024, establishes province-wide expectations for documented risk assessments, justified and proportionate use, privacy protection, transparency, and accountability.4 While the directive technically applies to Ontario Public Service operations, it signals clearly where regulatory standards are heading for any entity handling provincial health data.

The IPC Commissioner has been explicit: patient trust depends on custodians being prepared to answer questions about how AI is being used in their care.5 OntarioMD has translated that into practical guidance: privacy-first governance, written policies, vendor safeguards, and bias testing before deployment.7

PHIPA obligations haven't changed, but the surface area for potential violations has grown enormously. Health information custodians must protect against unauthorized use or disclosure, and the IPC can levy administrative monetary penalties when they don't.


Q: The Ontario Auditor General found that 12 of 20 AI scribe systems mis-recorded prescriptions. What does that mean for how I document AI use in my charts?

It means the documentation layer matters as much as the scribe itself.

The Auditor General's findings were sobering: 9 of 20 evaluated AI scribe systems hallucinated, 12 mis-recorded prescriptions, and approximately 94% of generative AI use among OPS staff occurred on unapproved public tools.10 OntarioMD has stated that physicians must manually review all AI-generated notes, but as of the time of writing, no mandatory sign-off feature is required in these systems.8

Our view on this is direct: using third-party AI scribes instead of locally hosted or Dragon-style tools exposes more risk than reward. The analogy to legal practice is apt, regulators have no tolerance for professionals cutting corners. When a physician shortcuts their clinical documentation, they don't just create a liability exposure. They deprive themselves of the cognitive engagement that clinical recall depends on, and they degrade the clinical data that informs pharmaceutical and academic research downstream. Garbage in, garbage out, and that data quality problem compounds across the entire health system.9

For documentation, the practical minimum is this: any AI-generated chart note should include a clear indication that the content was AI-assisted, that the physician reviewed the output, and that the physician accepts clinical responsibility for what's in the record. If your scribe system doesn't make that easy to do, that's a design gap worth flagging to your vendor, or a reason to reconsider the tool. CPSO guidance on AI disclosure is evolving, and staying ahead of it is simpler when it's built into your workflow from the start.


Q: If a clinic owner has one week and no IT department, what's the minimum viable AI policy they need to write, and what does it have to say to be enforceable under PHIPA?

This is exactly what we coach clients through, so here's the honest version rather than the consultant version.

First, define authorization. Your policy needs to identify which tools are approved for use and explicitly state that using any unapproved tool is grounds for dismissal. Not "may result in discipline", grounds for dismissal. The seriousness has to match the risk.

Second, require a privacy pledge. Every team member should complete a brief AI-literacy course and sign a privacy pledge. The pledge should confirm they understand the rules, understand the risks, and agree they will not use tools that aren't on the approved list. This matters for enforceability: a signed pledge creates a documented understanding that is hard to disclaim later.

Third, audit your service providers. Ensure all external partners, billing services, virtual assistants, transcription vendors, are working within environments that are compliant with applicable Ontario law. A BAA or data processing agreement is not optional; it's the floor.

One nuance that most clinics miss entirely: under Ontario law as it stands in 2026, a clinic can own its systems and, by extension, use its own data for internal training and support purposes. A third party cannot. That distinction changes which tools are even on the table. Understanding your business goal first, what value you're actually trying to create, will guide you toward the tools that serve that goal without the liability attached to those that don't.

The honest new reality is that these governance requirements will raise overhead. Some practices will choose to keep costs down instead of being safe. That's a decision, and owners should make it with eyes open rather than by accident.

Our decision framework for billing-focused AI tools covers a similar sequencing question for the billing context specifically, the logic carries over.


Q: What's the right order of operations, policy and inventory first, or vendor selection first? And why does getting the sequence wrong create liability the vendor contract won't cover?

Policy and inventory first. Every time.

The most common mistake is entering a vendor evaluation before you know what problem you're solving or what your data boundaries are. When you select a vendor first, you're accepting their defaults, their data residency choices, their subcontractor chains, their model training practices, and then trying to retrofit a policy around tools you've already deployed.

Here's why that creates specific liability exposure: if a data incident occurs and you don't have a written policy that pre-dates the vendor relationship, you cannot demonstrate that your organization applied governance before the breach. The vendor contract will almost certainly include language that allocates privacy liability back to you as the health information custodian. The contract alone does not protect you, your governance posture does.

On vendor vetting specifically, there are three contract clauses we'd want to see before signing anything:

  1. Liability insurance and coverage. What does the vendor actually carry, and does it cover a PHIPA breach that originates in their infrastructure?
  2. Data use terms. Is PHI stored? De-identified and sold? Used to fine-tune their models? If yes to any of those, what was the training data, and what is the reference data set?
  3. Model transparency. If the solution is a GPT wrapper with limited liability disclosure and no transparency about weighting, that's a significant red flag. No reputable vendor should refuse to answer these questions, and refusal itself is informative.

We also apply this thinking internally. We use Predictive Index to map personality types to roles when hiring. AI tools that promise to help screen candidates but carry no real insurance and are opaque about their data weighting introduce more litigation risk than they remove, because the tools that sound most helpful for HR screening are often the ones most exposed to discrimination and bias challenges. So we use PI, which is transparent, and we let AI assist in lower-risk areas. The policy defines the boundary; the tool fills the lane.

For the broader practice-level context, the IPC has made clear that vendor safeguards, bias testing, and privacy impact assessments are not optional extras, they're baseline expectations for any health-sector AI deployment.67


A Three-Step Governance Checklist for Owner-Operators

If you take nothing else from this post, start here:

Step 1, Inventory and policy. Conduct a one-page audit of every AI tool currently in use, approved or not. Then write your acceptable-use policy: what's authorized, what's banned, and what the consequence is for deviation. Put it in writing before your next team meeting.

Step 2, Contract and vendor review. For every tool that touches patient data, confirm: PHIPA/PIPEDA compliance, Canadian data residency, no secondary use of PHI for model training, and evidence of SOC 2 or ISO 27001 certification where applicable. Pull the liability clauses and read them.

Step 3, Training and attestation. Every staff member, including the physician-owner, completes the privacy pledge. Privacy impact assessments are completed before any new AI tool goes live. Breach response steps are documented and known. AI use is noted in the chart where clinically relevant.

This isn't enterprise CISO infrastructure. It's disciplined practice operations. The same instinct that catches a missed billing code or an unsigned form applies here, you build the process once, and it protects you quietly from that point forward. If you want to see what that kind of systematic oversight looks like across your whole operation, our Clarity Concierge practice oversight service applies the same data-driven accountability lens to the full picture of your clinic's performance.



Frequently Asked Questions

Is using ChatGPT to draft a referral letter a PHIPA violation?

Almost certainly, yes, if the letter contains any patient-identifiable information and was entered into a consumer AI account without a data processing agreement or business associate equivalent. Consumer subscriptions do not create the contractual protections PHIPA requires. The risk is compounded if the patient did not consent to their information being processed this way.

Does Ontario require me to tell patients I'm using an AI scribe?

Ontario's IPC has emphasized transparency and patient trust as foundational to AI use in health settings. While mandatory disclosure requirements are still evolving, the IPC expects custodians to be able to answer patient questions about AI use in their care. Getting ahead of that expectation now, with a simple informed consent process, is lower-effort than reacting to a complaint later.5

What's the difference between shadow AI and an approved AI scribe?

An approved AI scribe is a tool that has been vetted against PHIPA/PIPEDA requirements, involves a signed data agreement, operates with known data residency, and has been evaluated for bias and accuracy. Shadow AI is any tool, scribe, chatbot, transcription service, used outside that process, typically on personal accounts. The Ontario AI Scribe Program through OntarioMD pre-vets a set of tools for exactly this reason.8

Who is liable if an AI scribe hallucinates a prescription in my chart?

The physician. OMA guidance is clear that clinicians remain responsible for every clinical decision, including the accuracy of what goes into the chart.2 Vendor contracts will not absorb that liability. This is why manual review of every AI-generated note is non-negotiable, and why documenting that review matters.

Do I need a privacy impact assessment for every AI tool I trial?

Yes, for any tool that processes personal health information. A privacy impact assessment doesn't have to be elaborate for a small clinic, but it must exist. It documents that you identified the risks, evaluated them, and made a conscious decision to proceed, or not. That documented decision-making process is what distinguishes a governed practice from an exposed one.


When we look at the practices that handle AI governance well, they're not the ones with the biggest IT budgets. They're the ones that treat practice oversight as a discipline, the same rigour they bring to billing, scheduling, and patient care. A single PHIPA breach or medico-legal event can cost more than years of billing leakage, and unlike missed claims, the damage isn't always recoverable.

If you'd like a clearer picture of where your practice stands on billing oversight, compliance exposure, and revenue visibility, book your free OHIP billing review with our team, it's a practical starting point, and it costs you nothing to find out what you're working with.


References

  1. OMA, Artificial intelligence in medicine: Resource centre
  2. OMA, AI in medicine: A primer for Ontario physicians
  3. OMA, How you can use AI in your practice today
  4. Government of Ontario, Responsible Use of Artificial Intelligence Directive
  5. IAPP, Ontario's IPC covers potential risks, guardrails as AI meets health care
  6. IPC, AI in Health: Supporting Trustworthy Innovation
  7. OntarioMD Blog, IPC Publishes Report on AI Scribe Use: Guidance for the Healthcare Sector
  8. OntarioMD, AI in practice
  9. Policy Options / IRPP, AI scribes in Canada's health system pose privacy and safety risks
  10. Canadian HR Reporter, AI systems for Ontario doctors hallucinate: auditor general